Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 

Listing of Claims; 

1 . (Currently amended) A computer implemented method in a data processing system for 
automatically configuring IP security tunnels, said computer implemented method comprising the steps 
of 

retrieving a remote computer system identifier; 

determining whether a local-remote pair corresponding to the identifier is found, wherein the 
local-remote pair is used in selecting a security policy, and wherein an error is reported indicating that a 
user needs to configure a tunnel with the remote computer system if the local-remote pair is not found; 
[[and]] 

defining a configuration of an IP security tunnel between the data processing system and the 
remote computer system utilizing a security policy specification format, wherein said security policy 
specification format is established as a document type definition (DTD) file capable of being utilized by a 
plurality of different operating systems and a plurality of different machine types ; and 

including a plurality of different elements in said DTD file, each of said plurality of different 
elements being utilized to configure an ff security tunnel . 

2. (Previously presented) The method according to claim 1, wherein said DTD file defines a 
collection of elements, and further comprising: 

generating an XML file utilizing the collection of elements defined in said DTD file, wherein said 
XML file defines a configuration of a particular IP security tunnel, and wherein said XML file is 
processed to automatically configure said W security tunnel defined by the XML file. 

3. (Canceled) 

4. (Currently amended) The method according to claim i [[3]], further comprising the steps of: 
generating an XML file utilizing a plurality of said plurality of different elements included within 

said DTD file; and 

processing said XML file to automatically configure an IP security tunnel. 
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5. (Original) The method according to claim 1, further comprising the step of including a root 
element in said security policy specification format. 

6. (Original) The method according to claim 1, further comprising the step of establishing a 
protection element in said security policy specification format, said protection element including a listing 
of IKE transforms. 

7. (Original) The method according to claim 1, further comprising the step of establishing a 
transform element in said security policy specification format. 

8. (Previously presented) The method according to claim 1, further comprising the step of 
establishing a group element in said security policy specification format, wherein said group element 
contains multiple identification elements. 

9. (Original) The method according to claim 1, further comprising the step of establishing an 
identification element in said security policy specification format. 

10. (Original) The method according to claim 1, further comprising the step of establishing a tunnel 
element in said security policy specification format. 

11. (Original) The method according to claim 1, further comprising the step of establishing a root 
element, a protection element, a transform element, a group element, an identification element, a tunnel 
element, a local/remote identify element, an ID type element, an ID definition element, a pre-shared key 
element, an IPsec proposal element, an IPsec ESP protocol element, an IPsec authentication header 
element, and an IPsec protection element in said security policy specification format. 

12. (Original) The method according to claim 1, further comprising the step of automatically 
configuring an IP security tunnel utilizing said security policy specification format. 

13. (Original) The method according to claim 1, further comprising the step of comparing a first IP 
security tunnel to a second IP security tunnel utilizing a first security policy specification format that is 
associated with said first IP security tunnel and a second security policy specification format that is 
associated with a second IP security tunnel. 
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14. (Currently amended) A computer program product comprising: 

a computer readable medium having computer usable program code for defining a configuration 
of IP security tunnels in a data processing system, comprising: 

computer usable program code for retrieving a remote computer system identifier; 

computer usable program code for determining whether a local-remote pair corresponding to the 
identifier is found, wherein the local-remote pair is used in selecting a security policy, and wherein an 
error is reported indicating that a user needs to configure a tunnel with the remote computer system if the 
local-remote pair is not found; 

computer usable program code for automatically configuring an IP security tunnel between the 
data processing system and the remote computer system utilizing a security policy specification format 
wherein said security policy specification format is established as a document type definition (DTD) file 
capable of being utilized by a plurality of different operating systems and a plurality of different machine 
types ; and 

computer usable program code for including a plurality of different elements in said DTD file, 
each of said plurality of different elements being utilized to configure an IP security tunnel . 

15. (Previously presented) The product according to claim 14, wherein said DTD file defines a 
collection of elements, and further comprising: 

generating an XML file utilizing the collection of elements defined in said DTD file, wherein said 
XML file defines a configuration of a particular IP security tunnel, and wherein said XML file is 
processed to automatically configure said IP security tunnel defined by the XML file. 

16. (Canceled) 

17. (Currently amended) The product according to claim 14 [[16]], further comprising: 

computer usable program code for generating an XML file utilizing a plurality of said plurality of 
different elements included within said DTD file; and 

computer usable program code for processing said XML file to automatically configure an IP 
security tunnel. 

18. (Previously presented) The product according to claim 14, further comprising computer usable 
program code for including a root element in said security policy specification format. 
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19. (Previously presented) The product according to claim 14, further comprising computer usable 
program code for establishing a protection element in said security policy specification format, said 
protection element including a listing of IKE transforms. 

20. (Previously presented) The product according to claim 14, further comprising computer usable 
program code for establishing a transform element in said security policy specification format. 

2 1 . (Previously presented) The product according to claim 14, further comprising computer usable 
program code for establishing a group element in said security policy specification format, wherein said 
group element contains multiple identification elements. 

22. (Previously presented) The product according to claim 14, further comprising computer usable 
program code for establishing an identification element in said security policy specification format. 

23. (Previously presented) The product according to claim 14, further comprising computer usable 
program code for establishing a tunnel element in said security policy specification format. 

24. (Previously presented) The product according to claim 14, further comprising computer usable 
program code for establishing a root element, a protection element, a transform element, a group element, 
an identification element, a tunnel element, a local/remote identify element, an ID type element, an ID 
definition element, a pre-shared key element, an IPsec proposal element, an IPsec ESP protocol element, 
an DPsec authentication header element, and an IPsec protection element in said security policy 
specification format. 

25. (Previously presented) The product according to claim 14, further comprising computer usable 
program code for automatically configuring an IP security tunnel utilizing said security policy 
specification format. 

26. (Previously presented) The product according to claim 14, further comprising computer usable 
program code for comparing a first IP security tunnel to a second IP security tunnel utilizing a first 
security policy specification format that is associated with said first LP security tunnel and a second 
security policy specification format that is associated with a second IP security tunnel. 
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27. (Currently amended) A data processing system for automatically configuring IP security tunnels, 
comprising: 

a computer; 

a computer readable medium containing computer readable instructions, wherein the computer 
executes the computer readable instructions to retrieve a remote computer system identifier; determine 
whether a local-remote pair corresponding to the identifier is found, wherein the local-remote pair is used 
in selecting a security policy, and wherein an error is reported indicating that a user needs to configure a 
tunnel with the remote computer system if the local-remote pair is not founds [[and]] automatically 
configure an IP security tunnel between the data processing system and the remote computer system 
utilizing a_security policy specification format, wherein said security policy specification format is 
established as a document type definition (DTD) file capable of being utilized by a plurality of different 
operating systems and a plurality of different machine types ; and include a plurality of different elements 
in said DTD file, each of said plurality of different elements being utilized to configure an IP security 
tunnel . 

28. (Previously presented) The system according to claim 27, wherein said DTD file defines a 
collection of elements, and further comprising: 

generating an XML file utilizing the collection plurality of different elements defined in said 
DTD file, wherein said XML file defines a configuration of a particular IP security tunnel, and wherein 
said XML file is processed to automatically configure said IP security tunnel defined by the XML file. 

29. (Canceled) 

30. (Currently amended) The system according to claim 27 [[29]], further comprising: 

an XML file being generated utilizing a plurality of said plurality of different elements included 
within said DTD file; and 

said system for processing said XML file to automatically configure an IP security tunnel. 

3 1 . (Original) The system according to claim 27, further comprising a root element being included in 
said security policy specification format. 

32. (Original) The system according to claim 27, further comprising a protection element being 
included in said security policy specification format, said protection element including a listing of IKE 
transforms. 
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33. (Original) The system according to claim 27, further comprising a transform element being 
included in said security policy specification format. 

34. (Previously presented) The system according to claim 27, further comprising a group element 
being included in said security policy specification format, wherein said group element contains multiple 
identification elements. 

35. (Original) The system according to claim 27, further comprising an identification element being 
included in said security policy specification format. 

36. (Original) The system according to claim 27, further comprising a tunnel element being included 
in said security policy specification format. 

37. (Original) The system according to claim 27, further comprising a root element, a protection 
element, a transform element, a group element, an identification element, a tunnel element, a local/remote 
identify element, an ID type element, an ID definition element, a pre-shared key element, an IPsec 
proposal element, an IPsec ESP protocol element, an IPsec authentication header element, and an IPsec 
protection element being included in said security policy specification format. 

38. (Original) The system according to claim 27, further comprising said system for automatically 
configuring an IP security tunnel utilizing said security policy specification format. 

39. (Original) The system according to claim 27, further comprising said system for comparing a 
first IP security tunnel to a second IP security tunnel utilizing a first security policy specification format 
that is associated with said first IP security tunnel and a second security policy specification format that is 
associated with a second IP security tunnel. 
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